fix(webapp): schedule run-ops mint-kind flips to avoid duplicate runs#4208
fix(webapp): schedule run-ops mint-kind flips to avoid duplicate runs#4208d-cs wants to merge 2 commits into
Conversation
Flipping an organization's run-ops mint kind (which database new runs are minted on) took effect independently per process as each cached value expired. For a window after a flip, two concurrent triggers using the same idempotency key could mint on different databases, where the per-database unique constraint can't dedupe them, producing a duplicate run. The flip is now a deterministic wall-clock cutover: the admin feature-flag routes stamp the previously-effective kind and a flip timestamp onto the organization, and the mint read resolves the old kind until flippedAt + grace (default 90s, chosen to outlast the caches a flip drains through), after which every process crosses to the new kind together. During the window all processes agree on one database, so a concurrent same-key collision lands on a single database and the existing unique-constraint retry returns the one idempotent run. A same-target re-save carries the in-flight stamp forward, so it can't slide the cutover.
|
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📜 Recent review details⏰ Context from checks skipped due to timeout. (2)
WalkthroughThis change adds a deterministic grace window for mint-kind flips. A new environment variable, 🚥 Pre-merge checks | ✅ 3 | ❌ 2❌ Failed checks (2 warnings)
✅ Passed checks (3 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
apps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.ts (1)
108-114: 🗄️ Data Integrity & Integration | 🟠 Major | ⚡ Quick winClear should preserve the runOps mint-flip grace
body === nullor{}writesPrisma.JsonNulldirectly, so an org onrunOpsMintKind: "runOpsId"losesrunOpsMintKindPrevandrunOpsMintKindFlippedAtand falls back to"cuid"immediately. If clearing is supported here, route it throughstampMintKindFlip(or otherwise carry forward the grace metadata) instead of persisting a bareJsonNull.
🧹 Nitpick comments (1)
apps/webapp/app/v3/runOpsMigration/mintFlipGrace.ts (1)
50-77: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value
stampMintKindFlipmutatesoutgoingFlagsin place.The function both mutates and returns
outgoingFlags. The downstream admin route reassigns the return value, so this works, but the implicit mutation could surprise callers who pass a shared object. Consider either documenting the mutation in the doc comment or operating on a shallow copy.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository UI
Review profile: CHILL
Plan: Pro
Run ID: 050bf6f1-d7b5-4511-a3cd-66a38ed90567
📒 Files selected for processing (8)
apps/webapp/app/env.server.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.ts
📜 Review details
⏰ Context from checks skipped due to timeout. (14)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (1, 10)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (4, 10)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (9, 10)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (2, 10)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (6, 10)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (7, 10)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (8, 10)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (3, 10)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (5, 10)
- GitHub Check: webapp / 🧪 Unit Tests: Webapp (10, 10)
- GitHub Check: typecheck / typecheck
- GitHub Check: e2e-webapp / 🧪 E2E Tests: Webapp
- GitHub Check: Analyze (javascript-typescript)
- GitHub Check: code-quality / code-quality
🧰 Additional context used
📓 Path-based instructions (10)
**/*.{ts,tsx}
📄 CodeRabbit inference engine (.github/copilot-instructions.md)
**/*.{ts,tsx}: Use types over interfaces for TypeScript
Avoid using enums; prefer string unions or const objects instead
Files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
{packages/core,apps/webapp}/**/*.{ts,tsx}
📄 CodeRabbit inference engine (.github/copilot-instructions.md)
Use zod for validation in packages/core and apps/webapp
Files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
**/*.{ts,tsx,js,jsx}
📄 CodeRabbit inference engine (.github/copilot-instructions.md)
Use function declarations instead of default exports
**/*.{ts,tsx,js,jsx}: Prefer static imports over dynamicimport(); only use dynamic imports when resolving circular dependencies, enabling real code splitting, or conditionally loading a module at runtime.
Always import from@trigger.dev/sdk; never use@trigger.dev/sdk/v3or the deprecatedclient.defineJob.
Files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
**/*.{test,spec}.{ts,tsx}
📄 CodeRabbit inference engine (.github/copilot-instructions.md)
Use vitest for all tests in the Trigger.dev repository
Files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.ts
**/*.ts
📄 CodeRabbit inference engine (.cursor/rules/otel-metrics.mdc)
**/*.ts: When creating or editing OTEL metrics (counters, histograms, gauges), ensure metric attributes have low cardinality by using only enums, booleans, bounded error codes, or bounded shard IDs
Do not use high-cardinality attributes in OTEL metrics such as UUIDs/IDs (envId, userId, runId, projectId, organizationId), unbounded integers (itemCount, batchSize, retryCount), timestamps (createdAt, startTime), or free-form strings (errorMessage, taskName, queueName)
When exporting OTEL metrics via OTLP to Prometheus, be aware that the exporter automatically adds unit suffixes to metric names (e.g., 'my_duration_ms' becomes 'my_duration_ms_milliseconds', 'my_counter' becomes 'my_counter_total'). Account for these transformations when writing Grafana dashboards or Prometheus queries
Files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
apps/webapp/**/*.{ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/webapp.mdc)
apps/webapp/**/*.{ts,tsx}: Access environment variables through theenvexport ofenv.server.tsinstead of directly accessingprocess.env
Use subpath exports from@trigger.dev/corepackage instead of importing from the root@trigger.dev/corepathAlways use
findFirstinstead offindUniquefor Prisma queries.
Files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
apps/webapp/**/*.test.{ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/webapp.mdc)
Do not import
env.server.tsdirectly or indirectly into test files; instead pass environment-dependent values through options/parameters to make code testable
Files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.ts
apps/webapp/**/*.{test,spec}.{ts,tsx}
📄 CodeRabbit inference engine (apps/webapp/CLAUDE.md)
In test files, never import
env.server.ts; pass configuration as options instead.
Files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.ts
**/*.test.{ts,tsx,js,jsx}
📄 CodeRabbit inference engine (AGENTS.md)
Place test files next to their source files, e.g.
MyService.ts->MyService.test.ts.
Files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.ts
apps/webapp/app/routes/**/*.ts
📄 CodeRabbit inference engine (apps/webapp/CLAUDE.md)
Use Remix flat-file route naming with dot-separated segments in
app/routes/(for example,api.v1.tasks.$taskId.trigger.tsmaps to/api/v1/tasks/:taskId/trigger).
Files:
apps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.ts
🧠 Learnings (20)
📚 Learning: 2026-03-22T13:26:12.060Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3244
File: apps/webapp/app/components/code/TextEditor.tsx:81-86
Timestamp: 2026-03-22T13:26:12.060Z
Learning: In the triggerdotdev/trigger.dev codebase, do not flag `navigator.clipboard.writeText(...)` calls for `missing-await`/`unhandled-promise` issues. These clipboard writes are intentionally invoked without `await` and without `catch` handlers across the project; keep that behavior consistent when reviewing TypeScript/TSX files (e.g., usages like in `apps/webapp/app/components/code/TextEditor.tsx`).
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-03-22T19:24:14.403Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3187
File: apps/webapp/app/v3/services/alerts/deliverErrorGroupAlert.server.ts:200-204
Timestamp: 2026-03-22T19:24:14.403Z
Learning: In the triggerdotdev/trigger.dev codebase, webhook URLs are not expected to contain embedded credentials/secrets (e.g., fields like `ProjectAlertWebhookProperties` should only hold credential-free webhook endpoints). During code review, if you see logging or inclusion of raw webhook URLs in error messages, do not automatically treat it as a credential-leak/secrets-in-logs issue by default—first verify the URL does not contain embedded credentials (for example, no username/password in the URL, no obvious secret/token query params or fragments). If the URL is credential-free per this project’s conventions, allow the logging.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-05-18T08:21:27.694Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3632
File: apps/webapp/sentry.server.ts:4-21
Timestamp: 2026-05-18T08:21:27.694Z
Learning: When handling Prisma error P1001 ("Can't reach database server") in TypeScript, don’t assume a single error shape. Prisma can surface P1001 via two different error classes/fields: `PrismaClientKnownRequestError` exposes it as `err.code === "P1001"` (common during mid-query connection drops), while `PrismaClientInitializationError` exposes it as `err.errorCode === "P1001"` (common on client startup failure). Therefore, predicates should use `err.code === "P1001" || err.errorCode === "P1001"`. Do not flag `err.code === "P1001"` as “unreachable/never matches,” as it is expected in production.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-05-18T08:21:27.694Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3632
File: apps/webapp/sentry.server.ts:4-21
Timestamp: 2026-05-18T08:21:27.694Z
Learning: When handling Prisma errors for P1001 ("Can't reach database server"), do not assume it only appears under a single property name. Prisma may surface P1001 via either `PrismaClientKnownRequestError` (`err.code === "P1001"`, e.g., mid-query connection drops) or `PrismaClientInitializationError` (`err.errorCode === "P1001"`, e.g., client startup connection failure). To reliably detect the condition, check `err.code === "P1001" || err.errorCode === "P1001"`, and avoid review rules that would incorrectly flag `err.code === "P1001"` as unreachable/never-matching.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-06-13T19:53:13.759Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3937
File: packages/trigger-sdk/skills/realtime-and-frontend/SKILL.md:258-260
Timestamp: 2026-06-13T19:53:13.759Z
Learning: When reviewing code that uses `trigger.dev/react-hooks`’s `useRealtimeRun`, preserve the call signature where the first argument is the full realtime handle object (not `handle.id`). This is intentional to maintain type-safety and is consistent with the official docs; do not suggest changing the first argument from the handle object to `handle.id`.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-06-17T17:13:49.929Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3948
File: apps/webapp/app/routes/_app.orgs.$organizationSlug.projects.$projectParam.env.$envParam.bulk-actions.$bulkActionParam/route.tsx:48-62
Timestamp: 2026-06-17T17:13:49.929Z
Learning: In triggerdotdev/trigger.dev, within `dashboardLoader`/`dashboardAction` (or similar context resolver code) whenever you resolve an organization ID from an organization slug for RBAC/enterprise authorization scope, always read from the primary Prisma client (`prisma`), not `$replica`. Using `$replica` can hit replica-lag and cause the RBAC lookup/authorization to run without the correct org scope (bypassing intended role enforcement). Implement the slug→org lookup with `prisma.organization.findFirst(...)` (or equivalent primary-client query) and add an inline comment documenting why the primary client is required (replica lag could lead to unscoped RBAC checks).
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-06-23T13:04:21.413Z
Learnt from: carderne
Repo: triggerdotdev/trigger.dev PR: 4023
File: apps/webapp/app/services/upsertBranch.server.ts:14-18
Timestamp: 2026-06-23T13:04:21.413Z
Learning: In TypeScript, it’s valid to `import { type X }` and then use `typeof X` in a type-only position, e.g. `type Alias = z.infer<typeof X>`. The `type` modifier suppresses the runtime import, but the type checker still has the full exported type so `z.infer<typeof X>` can resolve correctly. In code reviews, don’t flag this as a TypeScript compile error as long as `typeof X` is used in a type context (e.g., with `z.infer`, `type` aliases, generics), not as a runtime value.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-03-29T19:16:28.864Z
Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 3291
File: apps/webapp/app/v3/featureFlags.ts:53-65
Timestamp: 2026-03-29T19:16:28.864Z
Learning: When reviewing TypeScript code that uses Zod v3, treat `z.coerce.*()` schemas as their direct Zod type (e.g., `z.coerce.boolean()` returns a `ZodBoolean` with `_def.typeName === "ZodBoolean"`) rather than a `ZodEffects`. Only `.preprocess()`, `.refine()`/`.superRefine()`, and `.transform()` are expected to wrap schemas in `ZodEffects`. Therefore, in reviewers’ logic like `getFlagControlType`, do not flag/unblock failures that require unwrapping `ZodEffects` when the input schema is a `z.coerce.*` schema.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.ts
📚 Learning: 2026-06-09T16:27:26.195Z
Learnt from: myftija
Repo: triggerdotdev/trigger.dev PR: 3878
File: apps/webapp/app/v3/services/computeTemplateCreation.server.ts:0-0
Timestamp: 2026-06-09T16:27:26.195Z
Learning: When working in triggerdotdev/trigger.dev code related to worker-group/region default resolution (e.g., defaultWorkerInstanceGroupId handling used by getGlobalDefaultWorkerGroup, getDefaultWorkerGroupForProject, and RegionsPresenter), do NOT add org-level featureFlags overrides in only one resolution site. That can cause template creation routing/decisions to diverge from actual run routing. If org-level override of the default region/worker group is required, it must be centralized in getGlobalDefaultWorkerGroup so every resolution path remains aligned.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.ts
📚 Learning: 2026-05-12T21:04:05.815Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3542
File: apps/webapp/app/components/sessions/v1/SessionStatus.tsx:1-3
Timestamp: 2026-05-12T21:04:05.815Z
Learning: In this Remix + TypeScript codebase, do not flag a server/client boundary violation when a file imports only types from a module matching `*.server`.
Specifically, it’s safe to import types using `import type { Foo } from "*.server"` or `import { type Foo } from "*.server"` because TypeScript erases type-only imports at compile time and they emit no JavaScript, so they won’t cross the Remix server/client bundle boundary.
Only raise the boundary concern for value imports (e.g., `import { Foo }` without `type`, or `import Foo`), since those produce JavaScript output.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-06-25T18:21:51.905Z
Learnt from: carderne
Repo: triggerdotdev/trigger.dev PR: 4039
File: apps/webapp/app/routes/invite-revoke.tsx:0-0
Timestamp: 2026-06-25T18:21:51.905Z
Learning: During the Zod v4 migration in the triggerdotdev/trigger.dev webapp, ensure any imports from `conform-to/zod` use the Zod-4 subpath: `conform-to/zod/v4` (e.g., `import { parseWithZod } from "conform-to/zod/v4"`). Do not import from the package root `conform-to/zod`, because it is the Zod 3 implementation and may load Zod-3-only symbols (e.g., `ZodBranded`, `ZodEffects`), which can throw at module load (notably with `zod4.4.3`). This should be enforced across `apps/webapp/**/*` where helpers like `parseWithZod` and `conformZodMessage` are used.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-07-03T17:10:21.498Z
Learnt from: 0ski
Repo: triggerdotdev/trigger.dev PR: 4148
File: apps/webapp/app/models/orgMember.server.ts:149-168
Timestamp: 2026-07-03T17:10:21.498Z
Learning: In triggerdotdev/trigger.dev, `User.email` (Prisma schema: `internal-packages/database/prisma/schema.prisma`) currently does NOT use `citext` and does NOT have a `lower(email)` functional unique index. Therefore, do not introduce Prisma queries like `where: { email: { equals: <value>, mode: "insensitive" } }` (or any case-insensitive lookup) against `User.email`, because it can force sequential scans of the `users` table under load. During review, ensure email is normalized (e.g., lowercased/trimmed) before both writes and subsequent lookups, and if true case-insensitive behavior/uniqueness is required, implement it via a separate app-wide migration (e.g., switch to `citext` and/or add a functional unique index with backfill) rather than bolting it onto individual feature PRs.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-05-18T14:40:02.173Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3658
File: packages/core/src/v3/realtimeStreams/manager.test.ts:1-147
Timestamp: 2026-05-18T14:40:02.173Z
Learning: In the triggerdotdev/trigger.dev repo, the policy “Never mock anything — use testcontainers instead” should only be enforced for integration tests that interact with real external services (e.g., Redis, Postgres) via actual infrastructure. For unit tests that exercise pure in-memory logic (e.g., cache semantics) it is OK to stub collaborators such as `ApiClient` using Vitest (`vi.fn()`) to assert call counts or control behavior. Do not flag `vi.fn()`-based `ApiClient` stubs in unit tests as violations of the testcontainers policy.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.ts
📚 Learning: 2026-06-04T18:16:35.386Z
Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 3836
File: apps/supervisor/src/backpressure/backpressureMonitor.ts:3-5
Timestamp: 2026-06-04T18:16:35.386Z
Learning: When reviewing TypeScript in this repo, apply the rule “prefer type aliases over interfaces” only to data/object shapes and union/intersection type modeling. If an interface is being used as a behavioral contract for collaborators to implement (e.g., method-shape interfaces that define required behavior, such as `BackpressureLogger` / `BackpressureSignalSource` in `apps/supervisor/src/backpressure/backpressureMonitor.ts`), keep it as an `interface` and do not flag it as a type-alias-vs-interface violation.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-06-09T17:58:04.699Z
Learnt from: 0ski
Repo: triggerdotdev/trigger.dev PR: 3879
File: apps/webapp/app/models/vercelIntegration.server.ts:619-630
Timestamp: 2026-06-09T17:58:04.699Z
Learning: In this codebase, outbound raw `fetch` calls should typically rely on Node/undici’s default request timeout (about ~300s) rather than adding a per-call `AbortController` + `setTimeout` wrapper inside individual functions (e.g. in files like `apps/webapp/app/models/vercelIntegration.server.ts`). During code review, do not flag the absence of a per-call timeout on a single `fetch` as an issue; if per-call timeouts are needed, they should be implemented via a codebase-wide convention (e.g., a shared fetch wrapper or documented pattern) rather than ad-hoc per-function changes.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.tsapps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.tsapps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.tsapps/webapp/app/v3/featureFlags.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.tsapps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-06-16T09:19:47.637Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3960
File: apps/webapp/test/prismaInfrastructureErrorCapture.test.ts:0-0
Timestamp: 2026-06-16T09:19:47.637Z
Learning: In this repo’s Vitest setup, `vitest.config.ts` uses `globals: true`, so identifiers like `vi`, `describe`, `it`, and `expect` are available as globals in Vitest test files. During code review, do not flag missing `vi`/`describe`/`it`/`expect` imports as a runtime error or correctness issue when they’re used in `*.test.ts/tsx` or `*.spec.ts/tsx` files. Explicit imports are still preferred for consistency, but they’re not required for runtime behavior.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.tsapps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.ts
📚 Learning: 2026-05-05T09:38:02.512Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3523
File: apps/webapp/app/routes/api.v3.batches.ts:178-181
Timestamp: 2026-05-05T09:38:02.512Z
Learning: When reviewing code that catches `ServiceValidationError` in `*.server.ts` files, do not blindly forward `error.status` to HTTP responses, because SVEs may be thrown with non-default statuses (e.g., 400/500) and forwarding them can cause client-visible behavioral regressions (e.g., surfacing 500s to clients). Prefer a safe default response status of `error.status ?? 422`, but only after confirming via the reachable call graph that the caught `ServiceValidationError` instances are expected to carry those non-default statuses; otherwise, normalize to `422` to avoid unexpected client-visible 5xx behavior.
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.tsapps/webapp/app/env.server.ts
📚 Learning: 2026-05-14T08:21:07.614Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3614
File: apps/webapp/app/v3/mollifier/mollifierGate.server.ts:48-52
Timestamp: 2026-05-14T08:21:07.614Z
Learning: When using Trigger.dev v3 feature flags in the webapp, prefer the existing per-org gating mechanism supported by `flag()` via the `overrides` argument. Pass `Organization.featureFlags` (from `environment.organization.featureFlags`) as the `overrides` value; overrides must take precedence over the global `featureFlag` row. Do not require schema changes or add an `orgId` field to `FlagsOptions` for per-org gating—use the overrides pattern consistently (e.g., in gate flows like `resolveOrgFlag` and any server code that threads `environment.organization.featureFlags` into the gate call).
Applied to files:
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.ts
📚 Learning: 2026-05-20T17:21:18.543Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3678
File: apps/webapp/app/entry.server.tsx:0-0
Timestamp: 2026-05-20T17:21:18.543Z
Learning: In env.server.ts (Zod env schema), any environment variable you plan to access via the typed `env` export (e.g., `env.SENTRY_DSN`) must be explicitly declared in the schema. For `SENTRY_DSN`, include `SENTRY_DSN: z.string().optional()`; otherwise switching from `process.env.SENTRY_DSN` to `env.SENTRY_DSN` will fail TypeScript typechecking.
Applied to files:
apps/webapp/app/env.server.ts
📚 Learning: 2026-06-01T11:37:08.569Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3754
File: apps/webapp/app/env.server.ts:1104-1129
Timestamp: 2026-06-01T11:37:08.569Z
Learning: In apps/*/app/env.server.ts, any new background/periodic worker feature flag should hard-default to "0" (explicit opt-in) rather than inheriting from a parent flag (e.g., avoid defaulting to process.env.TRIGGER_MOLLIFIER_ENABLED ?? "0"). Inheriting can cause the new worker to auto-start on upgrade for deployments that already enabled the parent flag, turning on unexpected background load without an explicit rollout. Each worker component must require its own dedicated env var and default it explicitly to "0" (e.g., TRIGGER_MOLLIFIER_STALE_SWEEP_ENABLED defaults to "0" unless explicitly set to enable that worker).
Applied to files:
apps/webapp/app/env.server.ts
🔇 Additional comments (10)
apps/webapp/app/env.server.ts (1)
1756-1759: LGTM!apps/webapp/app/v3/featureFlags.ts (1)
22-24: LGTM!Also applies to: 60-63, 80-81
apps/webapp/app/v3/runOpsMigration/mintFlipGrace.ts (2)
16-25: LGTM!
27-45: LGTM!apps/webapp/app/v3/runOpsMigration/mintFlipGrace.test.ts (1)
14-44: LGTM!Also applies to: 51-68, 70-100, 102-140
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.server.ts (2)
43-73: LGTM!
85-92: LGTM!Also applies to: 107-126
apps/webapp/app/v3/runOpsMigration/runOpsMintKind.flipLatency.test.ts (1)
5-13: LGTM!apps/webapp/app/routes/admin.api.v1.orgs.$organizationId.feature-flags.ts (1)
3-9: LGTM!Also applies to: 88-104
apps/webapp/app/routes/admin.api.v2.orgs.$organizationId.feature-flags.ts (1)
5-9: LGTM!Also applies to: 124-134
There was a problem hiding this comment.
🔍 Grace stamp is lost when all flags are cleared via the v2 route
When the v2 admin route receives null or {} as the body, it sets featureFlags = Prisma.JsonNull (line 114) and skips stampMintKindFlip entirely. This means clearing all flags during an active grace window will immediately lose the grace stamp (runOpsMintKindPrev, runOpsMintKindFlippedAt), potentially causing cross-process divergence if a stale process still has the old kind cached. This is likely acceptable since clearing all flags is a deliberate reset, but operators should be aware that clearing flags mid-grace is not safe for the mint-kind convergence guarantee.
(Refers to lines 110-114)
Was this helpful? React with 👍 or 👎 to provide feedback.
| ...(existingFlags.success ? existingFlags.data : {}), | ||
| ...validationResult.data, | ||
| }, | ||
| Date.now(), |
There was a problem hiding this comment.
issue: Use control plane DB time
| featureFlags = stampMintKindFlip( | ||
| existingOrg?.featureFlags as Record<string, unknown> | null | undefined, | ||
| featureFlags, | ||
| Date.now(), |
There was a problem hiding this comment.
suggestion: use control plane db time
Summary
Flipping an organization's run-ops mint kind (which database new runs are minted on) took effect independently per process as each cached value expired. For a window after a flip, two concurrent triggers using the same idempotency key could mint on different databases, where the per-database unique constraint can't dedupe them, producing a duplicate run.
Fix
The flip is now a deterministic wall-clock cutover. The admin feature-flag routes stamp the previously-effective kind and a flip timestamp onto the organization; the mint read resolves the old kind until
flippedAt + grace(default 90s, chosen to outlast the caches a flip drains through), after which every process crosses to the new kind together. During the window all processes agree on a single database, so a concurrent same-key collision lands on one database and the existing unique-constraint retry returns the one idempotent run. A same-target re-save carries the in-flight stamp forward, so it can't slide the cutover.